Full Disclosure mailing list archives
RE: IE is just as safe as FireFox
From: "joe" <mvp () joeware net>
Date: Wed, 17 Nov 2004 13:59:41 -0500
I would rather not get too deep into this. But I think you are mixing the ideas of good code with good documentation or possibly with good hard design specs. In any project there are going to be things that aren't specifically specified in the design that some other module could possibly take advantage of. These are generally considered implementation details. For a basic example, say you have a routine that takes a search filter and returns information based on that filter. Let's say when the spec was written, no thought of the ordering of the data to be returned was defined, it was simply a matter of return the correct data. Actually specifying the order possibly wasn't important or overlooked. Some very high quality code was written to the spec and the specific implementation detail ended up having it so the data got returned in a way that was sorted by some field used in the query or by some arbitrary value specific to the indexing. Someone completely unrelated to the module, say someone who is using that module as an API or as a server app notices that it always comes back sorted and implements some stateless retrieval mechanism around it (I understand, this is their F-U and they wrote bad code here because there are critical untested assumptions). This works for years and years. Then some work is done on the original code and that implementation detail changes and sort is now done in a different way or not at all. Downstream modules dependent on that until then well understood implementation detail implode. The original code was still high quality. Someone just used it in a way that wasn't intended. It is these unintended uses of implementation details that can really bite you and why YOU ALWAYS legacy test code that may be used by something else. I don't think any spec will ever define out 100% what needs to go in and what needs to come out and all of the possible implementation details that could result. I think we can get close and assert the crap out of the input and output based on what we expect and break out when it deviates. But this is an expensive form of coding and I think impacts flexibility a little. Anyway, on the flip side you could have horrible spaghetti code that conforms very well to a published spec as well. I would tend to agree that normally that would be harder to work on (except for maybe the person who originall wrote it) but want to put emphasis on the importance truly being in the spec and data assertions. I completely agree that IE is too intertwined and it gives the appearance that the OS needs it. It does need to be stripped back out or the piece that allegedly has to be there for OS functionality needs to be stripped down to very bare very basic pieces that disallows and extension or code execution. joe -- Pro-Choice Let me choose if I even want a browser loaded thanks! -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Eric Paynter Sent: Tuesday, November 16, 2004 4:19 PM To: full-disclosure () lists netsys com Subject: RE: [Full-disclosure] IE is just as safe as FireFox But high quality code that has a sound and well documented architecture can be more easily updated without messing up dependencies, whereas low quality code can be a nightmare to find let alone correct even the most trivial bug. There are always exceptions, but *in general*, it is easier (less effort, faster turnaround) to maintain high quality code. -Eric _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: IE is just as safe as FireFox, (continued)
- Re: IE is just as safe as FireFox Des Ward (Nov 12)
- RE: IE is just as safe as FireFox Todd Towles (Nov 12)
- RE: IE is just as safe as FireFox Todd Towles (Nov 12)
- Message not available
- Re: IE is just as safe as FireFox n3td3v (Nov 12)
- Re: IE is just as safe as FireFox Valdis . Kletnieks (Nov 12)
- Message not available
- RE: IE is just as safe as FireFox Todd Towles (Nov 12)
- RE: IE is just as safe as FireFox Todd Towles (Nov 12)
- Re: IE is just as safe as FireFox William Warren (Nov 12)
- RE: IE is just as safe as FireFox joe (Nov 15)
- RE: IE is just as safe as FireFox Eric Paynter (Nov 16)
- RE: IE is just as safe as FireFox joe (Nov 17)
- Re: IE is just as safe as FireFox Curt Purdy (Nov 14)
- Re: IE is just as safe as FireFox stephane nasdrovisky (Nov 16)
- RE: IE is just as safe as FireFox joe (Nov 17)
- IE is just as safe as FireFox Raoul Nakhmanson-Kulish (Nov 18)
- Message not available
- Re: IE is just as safe as FireFox Raoul Nakhmanson-Kulish (Nov 18)
- Message not available
- Re: IE is just as safe as FireFox Raoul Nakhmanson-Kulish (Nov 18)